Dino,

firewalls are always a pain to scan as they will throw up ghost ports and devices, have different "looks" depending on where you scan from, and drop most packets, resulting in very slow scan times. In my experience you get very little information for a high degree of effort. ISA need not be too different.
Your question is a bit unclear - let me explain: It depends what you want to test.

In my experience, if you want to see how well the firewall works, you need to find out what gets through in spite of the ISA server. You would thus need to scan a device behind it rather than scan the ISA firewall itself.

On the other hand, I believe that if you want to test the security of the underlying server and the correctness of the ISA set-up and configuration, you may be better off using "white box" tools such as DISA/NIST STIGs, CISecurity.org templates and scoring programs run locally using user and/or admin rights, rather than throwing a VA scanner at it.

Albert

anon.: our job is so secret even we do not know what we am doing!

---------- Forwarded message ----------
From: Francis D. Lorenzana <[EMAIL PROTECTED]>
Date: 22.04.2008 19:24
Subject: Scanning ISA 2006
To: [email protected]

Has anyone ever scanned a Windows ISA Server 2006 or 2007? (Is there a 2007?). The ISA Server doesn't seem to allow me to scan it. The SA says he has to uninstall ISA in order for the system to be scanned. Does this sound right?

Dino

Francis D. "Dino" Lorenzana | Computer Security Analyst
Information Technology Security Group | E-Mail: [EMAIL PROTECTED]
Office of the Chief Information Officer | Phone: (818) 393-3853
Jet Propulsion Laboratory | Cell: (818) 653-2794
M/S 602-149 | Fax: (818) 393-1377
4800 Oak Grove Drive
Pasadena, CA 91109-8099

_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
